<?php
session_start();

//注销登录
if (@$_GET['action'] == "logout") {
	unset($_SESSION['userid']);
	unset($_SESSION['username']);
	echo "注销成功！";
	echo "<br>";
	echo '点击此处<a href="login.html">登录</a>';
	exit;
}

//登录
if (!isset($_POST['submit'])) {
	exit('非法访问！');
}
$username = htmlspecialchars($_POST['username']);
$password = md5($_POST['password']);

require 'connect.php';

//检测用户名密码
$result = $con->query("SELECT adm_id FROM admin WHERE adm_name = '$username' AND adm_password = '$password' LIMIT 1");
if ($row = mysqli_fetch_array($result)) {
	//登录成功
	$_SESSION['username'] = $username;
	$_SESSION['userid'] = $row['adm_id'];
	echo $username . '欢迎你！<br>';
	echo '点击进入<a href="my.php">用户中心</a><br>';
	echo '点击此处<a href="login.php?action=logout">注销</a>';
	exit;
} else {
	exit('登录失败！点击此处<a href="login.html">重新登录</a>');
}
?>